223 lines
8.9 KiB
C++
223 lines
8.9 KiB
C++
////////////////////////////////////////////////////////////////////////////////
|
|
// Copyright 2016 Google LLC.
|
|
//
|
|
// This software is licensed under the terms defined in the Widevine Master
|
|
// License Agreement. For a copy of this agreement, please contact
|
|
// widevine-licensing@google.com.
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
// Unit tests for the crypto_util helper functions.
|
|
|
|
#include "common/crypto_util.h"
|
|
|
|
#include <string>
|
|
|
|
#include "testing/gmock.h"
|
|
#include "testing/gunit.h"
|
|
#include "absl/strings/escaping.h"
|
|
#include "absl/strings/str_cat.h"
|
|
#include "absl/strings/string_view.h"
|
|
|
|
namespace widevine {
|
|
namespace crypto_util {
|
|
|
|
const char kCENCStr[] = "cenc";
|
|
const char kCBC1Str[] = "cbc1";
|
|
const char kCENSStr[] = "cens";
|
|
const char kCBCSStr[] = "cbcs";
|
|
|
|
static unsigned char key_data[] =
|
|
{ 0x87, 0x27, 0xa4, 0x0e, 0xbd, 0x82, 0x32, 0x9e,
|
|
0x6b, 0x3b, 0x4e, 0x29, 0xfa, 0x3b, 0x00, 0x4b };
|
|
|
|
static std::string key_str(key_data, key_data + sizeof(key_data));
|
|
|
|
static unsigned char iv_data[] =
|
|
{ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
|
|
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
|
|
|
|
static std::string iv_str(iv_data, iv_data + sizeof(iv_data));
|
|
|
|
TEST(CryptoUtilTest, DeriveAes128KeyTest) {
|
|
unsigned char label[] = { 0x16, 0xf1, 0xa4, 0x32, 0x9f, 0x94, 0x55, 0xc1,
|
|
0x92, 0xa0, 0x34, 0x8a, 0x8b, 0x6b, 0x77, 0x08,
|
|
0xbc, 0x23, 0x70, 0x16, 0xbc, 0xda, 0xfb, 0x60,
|
|
0xd1, 0xcf, 0x6a, 0x4d, 0x40, 0xa1, 0xe3, 0xfe,
|
|
0xd3, 0xe9, 0xa6, 0x58, 0x4c, 0xd4, 0xad, 0xa4,
|
|
0xa2 };
|
|
|
|
unsigned char context[] = { 0x4c, 0x53, 0xc0, 0xe9, 0x9e, 0x7f, 0x7d, 0x6d,
|
|
0x0a, 0x76, 0x7c, 0xc7, 0x25, 0xb5, 0x5b, 0x80,
|
|
0x81, 0x91, 0xff };
|
|
|
|
unsigned char output0[] = { 0xd5, 0xad, 0x2d, 0xb1, 0x5a, 0x06, 0xcb, 0x50,
|
|
0xf2, 0x59, 0x5a, 0xb2, 0xb2, 0x0d, 0x44, 0x4e };
|
|
|
|
unsigned char output1[] = { 0xdf, 0x38, 0x45, 0x97, 0x5d, 0x7a, 0x81, 0xb4,
|
|
0x94, 0x86, 0xaf, 0x0c, 0xdc, 0x4d, 0xeb, 0x62,
|
|
0x31, 0x39, 0x67, 0x8f, 0xff, 0x5d, 0x68, 0x35,
|
|
0xdc, 0x89, 0x5f, 0x47, 0xca, 0xe0, 0x2d, 0x3a,
|
|
0x10, 0x24, 0xf8, 0x7e, 0x5b, 0x70, 0xe1, 0xa3,
|
|
0x4a, 0x47, 0x2f, 0x04, 0xe0, 0x34, 0x75, 0x22 };
|
|
|
|
std::string label_str(label, label + sizeof(label));
|
|
std::string key_str(key_data, key_data + sizeof(key_data));
|
|
std::string context_str(context, context + sizeof(context));
|
|
std::string result = DeriveKey(key_str, label_str, context_str, 128);
|
|
|
|
std::string output_128(output0, output0 + sizeof(output0));
|
|
|
|
ASSERT_EQ(result, output_128);
|
|
|
|
result = DeriveKey(key_str, label_str, context_str, 384);
|
|
|
|
std::string output_384(output1, output1 + sizeof(output1));
|
|
|
|
ASSERT_EQ(result, output_384);
|
|
}
|
|
|
|
TEST(CryptoUtilTest, DeriveGroupSesionKey) {
|
|
unsigned char output[] = { 0x92, 0x6c, 0x2f, 0x5, 0xa6, 0x4f, 0xff, 0xb1,
|
|
0x86, 0x4a, 0x1a, 0x14, 0x95, 0xeb, 0xb0, 0xf1 };
|
|
std::string group_session_key = DeriveGroupSessionKey("test_group_id", 128);
|
|
EXPECT_EQ(crypto_util::kAes128KeySizeBytes, group_session_key.size());
|
|
const std::string output_128(output, output + sizeof(output));
|
|
ASSERT_EQ(output_128, group_session_key);
|
|
}
|
|
|
|
TEST(CryptoUtilTest, TestCreateAndVerifySignatureHmacSha256) {
|
|
unsigned char message_data[] = {
|
|
0xd9, 0x24, 0x2d, 0x03, 0x93, 0x6f, 0x22, 0x53,
|
|
0x99, 0x7a, 0x7d, 0x9b, 0x0c, 0xcf, 0xfd, 0xb2,
|
|
0x66, 0x0d, 0xaf, 0xdb, 0xa2, 0xad, 0x23, 0x91,
|
|
0x8a, 0xdf, 0x01, 0x80, 0xa3, 0x35, 0xf9, 0xde,
|
|
0xf6, 0x5b, 0xa2, 0x85, 0x0e, 0x2d, 0x93, 0x6f,
|
|
0x99, 0x7a, 0x63, 0x47, 0x2e, 0x54, 0x35, 0xb5,
|
|
0xf7, 0x45, 0xed, 0x6b, 0xcf, 0xe8, 0xf2, 0x54,
|
|
0x97, 0x69, 0x23, 0x74, 0x34, 0x9a, 0x34, 0xda };
|
|
|
|
std::string message(message_data, message_data + sizeof(message_data));
|
|
std::string signature(CreateSignatureHmacSha256(key_str, message));
|
|
|
|
ASSERT_EQ(signature.size(), 32);
|
|
|
|
ASSERT_TRUE(VerifySignatureHmacSha256(key_str, signature, message));
|
|
}
|
|
|
|
TEST(CryptoUtilTest, TestFailCreateAndVerifyHmacSha256) {
|
|
unsigned char message_data[] = {
|
|
0xd9, 0x24, 0x2d, 0x03, 0x93, 0x6f, 0x22, 0x53,
|
|
0x99, 0x7a, 0x7d, 0x9b, 0x0c, 0xcf, 0xfd, 0xb2,
|
|
0x66, 0x0d, 0xaf, 0xdb, 0xa2, 0xad, 0x23, 0x91,
|
|
0x8a, 0xdf, 0x01, 0x80, 0xa3, 0x35, 0xf9, 0xde,
|
|
0xf6, 0x5b, 0xa2, 0x85, 0x0e, 0x2d, 0x93, 0x6f,
|
|
0x99, 0x7a, 0x63, 0x47, 0x2e, 0x54, 0x35, 0xb5,
|
|
0xf7, 0x45, 0xed, 0x6b, 0xcf, 0xe8, 0xf2, 0x54,
|
|
0x97, 0x69, 0x23, 0x74, 0x34, 0x9a, 0x34, 0xda };
|
|
|
|
std::string message(message_data, message_data + sizeof(message_data));
|
|
// Test with bogus key;
|
|
std::string bogus_key("bogus");
|
|
std::string signature(CreateSignatureHmacSha256(bogus_key, message));
|
|
|
|
// This should still produce an hmac signature.
|
|
ASSERT_EQ(signature.size(), 32);
|
|
|
|
// Create valid signature to compare.
|
|
signature = CreateSignatureHmacSha256(key_str, message);
|
|
|
|
// Test with bogus key.
|
|
ASSERT_FALSE(VerifySignatureHmacSha256(bogus_key, signature, message));
|
|
|
|
// Test with munged signature.
|
|
signature[0] = 0xFF;
|
|
ASSERT_FALSE(VerifySignatureHmacSha256(key_str, signature, message));
|
|
|
|
// Test with bogus signature.
|
|
ASSERT_FALSE(VerifySignatureHmacSha256(key_str, "bogus", message));
|
|
}
|
|
|
|
TEST(CryptoUtilTest, TestCreateAndVerifySignatureHmacSha1) {
|
|
unsigned char message_data[] = {
|
|
0xd9, 0x24, 0x2d, 0x03, 0x93, 0x6f, 0x22, 0x53,
|
|
0x99, 0x7a, 0x7d, 0x9b, 0x0c, 0xcf, 0xfd, 0xb2,
|
|
0x66, 0x0d, 0xaf, 0xdb, 0xa2, 0xad, 0x23, 0x91,
|
|
0x8a, 0xdf, 0x01, 0x80, 0xa3, 0x35, 0xf9, 0xde,
|
|
0xf6, 0x5b, 0xa2, 0x85, 0x0e, 0x2d, 0x93, 0x6f,
|
|
0x99, 0x7a, 0x63, 0x47, 0x2e, 0x54, 0x35, 0xb5,
|
|
0xf7, 0x45, 0xed, 0x6b, 0xcf, 0xe8, 0xf2, 0x54,
|
|
0x97, 0x69, 0x23, 0x74, 0x34, 0x9a, 0x34, 0xda };
|
|
|
|
std::string message(message_data, message_data + sizeof(message_data));
|
|
std::string signature(CreateSignatureHmacSha1(key_str, message));
|
|
|
|
ASSERT_EQ(20, signature.size());
|
|
ASSERT_TRUE(VerifySignatureHmacSha1(key_str, signature, message));
|
|
}
|
|
|
|
TEST(CryptoUtilTest, TestFailCreateAndVerifyHmacSha1) {
|
|
unsigned char message_data[] = {
|
|
0xd9, 0x24, 0x2d, 0x03, 0x93, 0x6f, 0x22, 0x53,
|
|
0x99, 0x7a, 0x7d, 0x9b, 0x0c, 0xcf, 0xfd, 0xb2,
|
|
0x66, 0x0d, 0xaf, 0xdb, 0xa2, 0xad, 0x23, 0x91,
|
|
0x8a, 0xdf, 0x01, 0x80, 0xa3, 0x35, 0xf9, 0xde,
|
|
0xf6, 0x5b, 0xa2, 0x85, 0x0e, 0x2d, 0x93, 0x6f,
|
|
0x99, 0x7a, 0x63, 0x47, 0x2e, 0x54, 0x35, 0xb5,
|
|
0xf7, 0x45, 0xed, 0x6b, 0xcf, 0xe8, 0xf2, 0x54,
|
|
0x97, 0x69, 0x23, 0x74, 0x34, 0x9a, 0x34, 0xda };
|
|
|
|
std::string message(message_data, message_data + sizeof(message_data));
|
|
// Test with bogus key;
|
|
std::string bogus_key("bogus");
|
|
std::string signature(CreateSignatureHmacSha1(bogus_key, message));
|
|
|
|
// This should still produce an hmac signature.
|
|
ASSERT_EQ(20, signature.size());
|
|
// Create valid signature to compare.
|
|
signature = CreateSignatureHmacSha1(key_str, message);
|
|
// Test with bogus key.
|
|
ASSERT_FALSE(VerifySignatureHmacSha1(bogus_key, signature, message));
|
|
// Test with munged signature.
|
|
signature[0] = 0xFF;
|
|
ASSERT_FALSE(VerifySignatureHmacSha1(key_str, signature, message));
|
|
// Test with bogus signature.
|
|
ASSERT_FALSE(VerifySignatureHmacSha1(key_str, "bogus", message));
|
|
}
|
|
|
|
TEST(CryptoUtilTest, DeriveIv) {
|
|
// First value in the pair is the key_id, second value is the expected IV.
|
|
std::pair<std::string, std::string> id_iv_pairs[] = {
|
|
{"1234567890123456", "3278234c7682d1a2e153af4912975f5f"},
|
|
{"0987654321098765", "cf09abd30f04b60544910791a6b904cf"}};
|
|
for (const auto& id_iv_pair : id_iv_pairs) {
|
|
SCOPED_TRACE(absl::StrCat("test case:", id_iv_pair.first));
|
|
EXPECT_EQ(id_iv_pair.second,
|
|
absl::BytesToHexString(DeriveIv(id_iv_pair.first)));
|
|
// Repeat same call to verify derivied result is repeatable.
|
|
EXPECT_EQ(id_iv_pair.second,
|
|
absl::BytesToHexString(DeriveIv(id_iv_pair.first)));
|
|
}
|
|
}
|
|
|
|
TEST(CryptoUtilTest, Verify4CCEncryptionIDFromBadString) {
|
|
uint32_t cc_code;
|
|
ASSERT_FALSE(FourCCEncryptionSchemeIDFromString("garbage", &cc_code));
|
|
ASSERT_FALSE(FourCCEncryptionSchemeIDFromString("junk", &cc_code));
|
|
ASSERT_FALSE(FourCCEncryptionSchemeIDFromString("cencc", &cc_code));
|
|
}
|
|
|
|
TEST(CryptoUtilTest, Verify4CCEncryptionIDFromString) {
|
|
uint32_t cc_code = 0;
|
|
ASSERT_TRUE(FourCCEncryptionSchemeIDFromString(kCENCStr, &cc_code));
|
|
ASSERT_EQ(kCENCSchemeID, cc_code);
|
|
ASSERT_TRUE(FourCCEncryptionSchemeIDFromString(kCBC1Str, &cc_code));
|
|
ASSERT_EQ(kCBC1SchemeID, cc_code);
|
|
ASSERT_TRUE(FourCCEncryptionSchemeIDFromString(kCENSStr, &cc_code));
|
|
ASSERT_EQ(kCENSSchemeID, cc_code);
|
|
ASSERT_TRUE(FourCCEncryptionSchemeIDFromString(kCBCSStr, &cc_code));
|
|
ASSERT_EQ(kCBCSSchemeID, cc_code);
|
|
}
|
|
|
|
} // namespace crypto_util
|
|
} // namespace widevine
|